PT-2026-20918 · Unknown · Open-Webui
Gg0H · Published 2026-02-19 · Updated 2026-03-18 · CVE-2026-26193
CVSS v3.1: 7.3 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions: Open WebUI versions prior to 0.6.44
Description: Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Manually modifying the chat history allows setting the embeds property on a response message. The content of this property is loaded into an iframe whose sandbox attribute has both allow-scripts and allow-same-origin set, bypassing the "iframe Sandbox Allow Same Origin" configuration. This enables stored cross-site scripting (XSS) in the affected chat, and the resulting malicious link can be shared with other users on the instance. The issue occurs when the chat is in the shared format.
Recommendations: Update to version 0.6.44 or later.
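The root cause described above is a sandbox that grants both allow-scripts and allow-same-origin at once: a framed document with both tokens runs with the embedder's origin, can script the host page and can remove its own sandbox attribute, so the sandbox isolates nothing. The following is an added example (not Open WebUI code, and not the fix shipped in 0.6.44) of how an embedding layer can compute the effective sandbox tokens for untrusted embed content: it honours a hypothetical instance-level `allowSameOrigin` setting (standing in for the "iframe Sandbox Allow Same Origin" configuration named on the page) and refuses the script-plus-same-origin combination outright. The token list and the config shape are assumptions for the example.

```javascript
// Added example (not Open WebUI code): derive the <iframe> sandbox attribute
// for untrusted, user-controlled embed content. Two rules are enforced:
//   1. allow-same-origin is only granted when the instance config permits it
//      (hypothetical setting `allowSameOrigin`, an assumption of this example);
//   2. allow-scripts and allow-same-origin are never granted together, because
//      that combination lets the framed document drop its own sandbox, turning
//      stored XSS in embed content into XSS on the host page.

// Subset of sandbox tokens accepted by this example (assumed allow-list).
const KNOWN_TOKENS = new Set([
  "allow-forms", "allow-modals", "allow-popups", "allow-scripts",
  "allow-same-origin", "allow-downloads", "allow-pointer-lock",
]);

/**
 * Compute the effective sandbox token list for an embed.
 * @param {string[]} requested  tokens the embed content asks for (untrusted input)
 * @param {{ allowSameOrigin: boolean }} instanceConfig  hypothetical server setting
 * @returns {{ tokens: string[], dropped: string[], unsafeCombination: boolean }}
 */
function effectiveSandbox(requested, instanceConfig) {
  const tokens = [];
  const dropped = [];
  for (const raw of requested) {
    const t = String(raw).trim().toLowerCase();
    if (!KNOWN_TOKENS.has(t)) { dropped.push(t); continue; } // unknown tokens are discarded
    if (t === "allow-same-origin" && !instanceConfig.allowSameOrigin) {
      dropped.push(t); // instance policy forbids same-origin for embeds
      continue;
    }
    if (!tokens.includes(t)) tokens.push(t);
  }
  const unsafeCombination =
    tokens.includes("allow-scripts") && tokens.includes("allow-same-origin");
  if (unsafeCombination) {
    // Keep allow-scripts (most embeds need it) and drop allow-same-origin, so the
    // framed document runs in an opaque origin and cannot reach the host page.
    tokens.splice(tokens.indexOf("allow-same-origin"), 1);
    dropped.push("allow-same-origin");
  }
  return { tokens, dropped, unsafeCombination };
}

/** Render the value to put in the iframe's sandbox attribute. */
function sandboxAttribute(requested, instanceConfig) {
  return effectiveSandbox(requested, instanceConfig).tokens.join(" ");
}

// Demo with a constructed request that mirrors the vulnerable token pair.
if (typeof require !== "undefined" && require.main === module) {
  console.log(effectiveSandbox(["allow-scripts", "allow-same-origin"],
                               { allowSameOrigin: false }));
}
```

The `unsafeCombination` flag is returned separately so the caller can log or alert on embeds that requested both tokens; in a detection pipeline that flag, together with the chat and message identifiers, is the signal worth recording.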

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2026-26193
GHSA-VJM7-M4XH-7WRC

Affected Products

Open-Webui